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«Web Client» 
message M 



entry/ M [State : plain] 

do/ Me=encrypt(M) 

exit/ Me [State : encrypted] 



send{ Me ) 
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«Web Server» 
Secure Server 



entry/ Me [State : encrypted] 

do/ M=decrypt(Me) 

event M [State : PLAIN]/ deploy(M) 

do/ Me1 =encrypt(M) 

exit/ Me1 [State : encrypted] 



send{Me1) 



«Operator» 
Terminal 



entry/ Me1 [State : encrypted] 

do/ M=decrypt(Me1) 

event M [State : PLAIN]/ perform(M) 
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«Web Client» 
message m 



entry/ m [State : plain] 

do/ me=encrypt(m) 

exit/ me [State : encrypted] 



send(me) 
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«Web Server» 
Server 



entry/ me [State : encrypted] 
exit/ me [State : encrypted] 



send(me) 



«Operator» 
End Point 



entry/ me [State : encrypted] 

do/ M=decrypt(me) 

event M [State : PLAIN]/ perform(M) 
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Private information flow comparison 
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Secure Server / Third Party 
"Solutions" 



Present invention 
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3: ck^ger^aleCommunicaticMnKe^cardNr.parameter) 



Communication Key 
ck represents 
the encrypted 
equivalent of the 
Card number 




7: performTransaction(cardNr) 
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,cardNr 



1 
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4: sendCommunicationKey(ck) 



2: request ForCardNr 
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1: requestForPurchase 



9: responseToRequestForPurchase 
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CardNrl 
CardNr2 
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Card number cardNr 
represents the 
decrypted equivalent 
of the 

communicationKey ck 



'5yTequestForTransadion(ck) 
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The communicationKey ck has 
no meaning for the Web Server, 
which is used only like a carrier 
for this specific information, in 
contrast with the existing 
solutions, where instead of ck, 
the Card number ts used. 



Any attempt to use the 
communicationKey ck more 
than once results in an 
authentication failure and 
therefore the Card number 
remains unknown to any third 
party involved in the 
transaction between the Client 
V]and the Bank 
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A context 



51 L 

requestForContext{ ) 



ThirdParty 
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B context 
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generateEncryptedContext() 
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sendEncryptedContextQ 
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sendEncryptedContextForAuthentication() 
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decryptCont|xtAndAuthenticate( ) 
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«select parameterized context "contextParam"» 
contextParam = f (context, parameter) 

where context e Z, parameter eP.PcZ 
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! «setect secret key "p"» 
p = g(contextParam) 

where p is prime, p > 2 
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f «select secret key H n"» 

| n = h(context,parameter) 

r | 

[ where n e Z, n > 0 



«seiect modulus "m n » 
m - p A n 

where m e Z 7 m > 0 



«select encryption key V» 
a = k(corrtext,parameter) 

where a e M m , (a,9(m)) = 1, 8(m) = p n (1 - 1/p) 
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«select communication key "<x1"» 
a1 

where a1 e M m , (a1,9(m)) = 1, a*al^1 mod 6(m) 
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Input : al - communication key 
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«select list L of of possible candidates» 
L 



72 yj~ «select element from list L» 
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f «select parameterized context "contextParam" 
contextParam = f(z, parameter) 
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«select secret key "p"» 
p = g(contextParam) 



( «select secret key "n"» 
n = h(z.parameter) 
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«select modulus "m"» 1 



m = p A n 
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77 -^T «select encryption key "p"» 
\ p = k(z, parameter) 
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"\ <<^hen1icatioji>> 
^J3*a1=1mod e(mf 
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' «element found» ^ 
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Input : communication key 
a 1 derived from context 
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Select list L of possible 
candidates for context 
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Select element z from list L 
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Select parameterized context 
'contextParam' 

contextParam = f(z,parameter) 
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Select secret key c p' 
p = g(contextParam) 



Select secret key 6 n' 
n = h(z,parameter) 



Select modulus 


'm' 


m = p n 
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Solve ecuation 

al * x^ 1 mod 0(m) 
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Input: context 

r 



101 / '~\^ confute modulus m derived from context 
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retrieve previouslncrement for context 



1 03 / *\^ increment = next(previousIncrement) 
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a = k(context, increment) 
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send communication key al, where a * al = 1 mod 6(m) 
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select z from list L 
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compute modulus m z derived from z 



retrieve previous!ncrement z for z 



109 ^ solve x * al s 1 mod 0( n^) 
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Element found 



r ck = generateConTnunicationKey(celiulai1D) 
► 



3: authenticate ient(ck) 
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2: requestToPlaceCaJl(ck) 



4: responseToRequestToRaceCal! 
124 
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cellularlD represents the ceil 
phone id code, such as ESN and/or 
MtN, where ESN=Electronic Serial 
Number and 

MIN=Mobile Identification Number, 
ck represents the encrypted 
equivalent of the cellularlD and a 
parameter such as a counter and/or 
date/time stamp. 



the carrier(ceiluiar phone 
company) processes the request 
if the communication key was 
derived from any of various key 
data from a previously provided 
data pool related to the client, 
such as the cell phone id code, 
in combination with a parameter 
such as a counter and date/time 
k ^stamp. 
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